ICSA-15-027-02
·
Published 2025-06-06
·
View on CISA ICS-CERT ↗
Schneider Electric Multiple Products Buffer Overflow Vulnerability
CVSS 7.5
HIGH
CVEs (1)
Remediations
- Schneider Electric has released a patch that resolves the vulnerability by removing the vulnerable DLL. Schneider Electric’s patch is available at the follow location: (http://download.schneider-electric.com/files?p_Doc_Ref=FDT1) DLL Removal Kit.
- Schneider Electric’s security notice SEVD-2015-009-01 is available at the following location: (http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01) .
Affected Vendors
Schneider Electric
Affected Products (12)
Schneider Electric
·
Unity Pro
vers:all/*
Schneider Electric
·
SoMachine
vers:all/*
Schneider Electric
·
SoMove
vers:all/*
Schneider Electric
·
SoMove Lite
vers:all/*
Schneider Electric
·
Modbus Communication Library
<=2.2.6
Schneider Electric
·
CANopen Communication Library
<=1.0.2
Schneider Electric
·
EtherNet/IP Communication Library
<=1.0.0
Schneider Electric
·
EM X80 Gateway DTM (MB TCP/SL)
vers:all/*
Schneider Electric
·
Advantys DTMs (OTB, STB)
vers:all/*
Schneider Electric
·
KINOS DTM
vers:all/*
Schneider Electric
·
SOLO DTM
vers:all/*
Schneider Electric
·
Xantrex DTMs
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more